Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2016-2538
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU prior to 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that ...
Qemu Qemu
8.8
CVSSv3
CVE-2017-5931
Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buff...
Qemu Qemu
6
CVSSv3
CVE-2016-4964
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state.
Qemu Qemu
7.5
CVSSv3
CVE-2017-15268
Qemu up to and including 2.10.0 allows remote malicious users to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.
Qemu Qemu
5.5
CVSSv3
CVE-2023-42467
QEMU up to and including 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately.
Qemu Qemu
7.8
CVSSv3
CVE-2013-4536
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU pro...
Qemu Qemu
7.5
CVSSv3
CVE-2019-20175
An issue exists in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 up to and including 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must b...
Qemu Qemu
3.3
CVSSv3
CVE-2020-11869
An integer overflow was found in QEMU 4.0.1 up to and including 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could...
Qemu Qemu
5.5
CVSSv3
CVE-2014-0142
QEMU, possibly prior to 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.
Qemu Qemu
3.2
CVSSv3
CVE-2020-25742
pci_change_irq_level in hw/pci/pci.c in QEMU prior to 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.
Qemu Qemu
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »